package cn.itcast.bos.action;

import java.io.IOException;
import java.util.List;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.struts2.ServletActionContext;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

import cn.itcast.bos.domain.User;

@Controller
@Scope("prototype")
public class UserAction extends BaseAction<User> {

	private String checkcode;
	public void setCheckcode(String checkcode) {
		this.checkcode = checkcode;
	}

	public String logout(){
		ServletActionContext.getRequest().getSession().invalidate();
		return "login";
	}
	
	//修改密码
	public String editPassword() throws IOException{
		String password = model.getPassword();
		String id = ((User) ServletActionContext.getRequest().getSession().getAttribute("user")).getId();
		String flag = "1";
		try{
			UserService.editPassword(password,id);
		} catch(Exception e) {
			e.printStackTrace();
			flag = "0";
		}
		ServletActionContext.getResponse().setContentType("text/html;charset=utf-8");
		ServletActionContext.getResponse().getWriter().print(flag);
		return NONE;
	}
	
	public String login(){
		//获得session中生成的验证码
		String key = (String) ServletActionContext.getRequest().getSession().getAttribute("key");
		//拿jsp用户输入的验证码与  key 校验
		if (StringUtils.isBlank(key) || !checkcode.equals(key)) {
			//验证码不一致,提示错误信息,并回到登录页面
			this.addActionError(this.getText("checkCodeError"));
			return "login";
		} else {
			//使用shiro提供的方式进行权限认证
			//获得当前确认对象,当前状态为"未认证"
			Subject subject = SecurityUtils.getSubject();
			String username = model.getUsername();
			String password = model.getPassword();
			UsernamePasswordToken token = new UsernamePasswordToken(username, password);
			try{
				//调用安全管理器,安全管理器调用realm
				subject.login(token);
				User user = (User) subject.getPrincipal();
				//登录成功后将user放入session 跳转到首页
				ServletActionContext.getRequest().getSession().setAttribute("user", user);
			}catch (UnknownAccountException e) {
				e.printStackTrace();
				//用户名不存在，跳转到登录页面
				this.addActionError("用户名不存在！");
				return "login";
			}catch (IncorrectCredentialsException e) {
				// 密码错误，跳转到登录页面
				this.addActionError("密码错误！");
				e.printStackTrace();
				return "login";
			}
			return "success";
		}
	}
	
	
	public String login_copy(){
		//获得session中生成的验证码
		String key = (String) ServletActionContext.getRequest().getSession().getAttribute("key");
		//拿jsp用户输入的验证码与  key 校验
		if (StringUtils.isBlank(key) || !checkcode.equals(key)) {
			//验证码不一致,提示错误信息,并回到登录页面
			this.addActionError(this.getText("checkCodeError"));
			return "login";
		} else {
			User user = UserService.login(model);
			if (user!= null) {
				//登录成功
				ServletActionContext.getRequest().getSession().setAttribute("user", user);
				return "success";
			} else{
				//登录失败
				this.addActionError(this.getText("loginError"));
				return "login";
				
			}
		}
	}
	
	private String[] roleIds;
	public void setRoleIds(String[] roleIds) {
		this.roleIds = roleIds;
	}

	//用户添加
	public String save(){
		UserService.save(model,roleIds);
		return "userlist";
	}
	
	//查询所有用户
	public String list(){
		List<User> list = UserService.findAll();
		this.writeListToJson(list, new String[]{"noticebills","roles"});
		return NONE;
	}
}
